package com.gm.filter;


import java.util.Iterator;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

import org.owasp.validator.html.AntiSamy;
import org.owasp.validator.html.CleanResults;
import org.owasp.validator.html.Policy;
import org.owasp.validator.html.PolicyException;
import org.owasp.validator.html.ScanException;

import net.sf.xsshtmlfilter.HTMLFilter;

public class AntiSamyRequestWrapper extends HttpServletRequestWrapper{
	 private static Policy policy = null;  
     
	    static{  
	        //String path = URLUtility.getClassPath(XssRequestWrapper.class)+File.separator+"antisamy-anythinggoes-1.4.4.xml";  
	        //String path =AntiSamyRequestWrapper.class.getClassLoader().//getResource("antisamy-anythinggoes-1.4.4.xml").getFile();  
	        //System.out.println("policy_filepath:"+path);  
	        /*if(path.startsWith("file")){  
	            path = path.substring(6);  
	        }  
	        */
	         try {  
	            policy = Policy.getInstance(AntiSamyRequestWrapper.class.getClassLoader()
						.getResourceAsStream("antisamy-anythinggoes.xml"));  
	        } catch (PolicyException e) {  
	            e.printStackTrace();  
	        }  
	    }  
	  
	    public AntiSamyRequestWrapper(HttpServletRequest request) {  
	        super(request);  
	    }
	    
	    @Override
	    @SuppressWarnings("rawtypes")  
	    public Map<String,String[]> getParameterMap(){  
	        Map<String,String[]> request_map = super.getParameterMap();  
	        Iterator iterator = request_map.entrySet().iterator();  
	        //System.out.println("request_map"+request_map.size());  
	        while(iterator.hasNext()){  
	            Map.Entry me = (Map.Entry)iterator.next();  
	            //System.out.println(me.getKey()+":");  
	            String[] values = (String[])me.getValue();  
	            //HTMLFilter filter = new HTMLFilter();
	            for(int i = 0 ; i < values.length ; i++){  
	                System.out.println(values[i]);  
	                //String clean = new HTMLFilter().filter(values[i]);
	                values[i] = xssClean(values[i]);  
	                //values[i] =filter.filter(values[i]);
	            }  
	        }  
	        return request_map;  
	    }  
	    
	    @Override
	    public String[] getParameterValues(String paramString)  
	      {  
	        String[] arrayOfString1 = super.getParameterValues(paramString);  
	        if (arrayOfString1 == null)  
	          return null;  
	        int i = arrayOfString1.length;  
	        String[] arrayOfString2 = new String[i];  
	        for (int j = 0; j < i; j++)  
	          arrayOfString2[j] = xssClean(arrayOfString1[j]);  
	        return arrayOfString2;  
	      }  
	  
	      @Override
	      public String getParameter(String paramString)  
	      {  
	        String str = super.getParameter(paramString);  
	        if (str == null)  
	          return null;  
	        return xssClean(str);  
	      }  
	  
	      @Override
	      public String getHeader(String paramString)  
	      {  
	        String str = super.getHeader(paramString);  
	        if (str == null)  
	          return null;  
	        return xssClean(str);  
	      }  
	        
	        
	    private String xssClean(String value) {  
	        AntiSamy antiSamy = new AntiSamy();  
	        try {  
	            //CleanResults cr = antiSamy.scan(dirtyInput, policyFilePath);   
	            final CleanResults cr = antiSamy.scan(value, policy);  
	            //
	            return cr.getCleanHTML();  
	        } catch (ScanException e) {  
	            e.printStackTrace();  
	        } catch (PolicyException e) {  
	            e.printStackTrace();  
	        }  
	        return value;  
	    }  	    
}
